adding dns to domain controller at site

[Guest]

I have just taken over as network admin and am trying to clean things up
somewhat. We have 25 sites each with a domain controller and one main site
with 2 domain controllers. All of the sites use the dns server at the main
site. Shouldn't each site have it's own dns server? Can you give me a link to
precautions and proper steps for making the dc's at the sites run dns as
well? All of the sites routers connect to the router at the main office and
get internet connectivity from the router at the main site.This is a windows
2000 ad.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

I have just taken over as network admin and am trying to
clean things up somewhat. We have 25 sites each with a
domain controller and one main site with 2 domain
controllers. All of the sites use the dns server at the
main site. Shouldn't each site have it's own dns server?
Can you give me a link to precautions and proper steps
for making the dc's at the sites run dns as well? All of
the sites routers connect to the router at the main
office and get internet connectivity from the router at
the main site.This is a windows 2000 ad.

If the DCs that are handling DNS now are using Active Directory integrated
zones, all you need to do is install DNS on the remote DCs. The zone will
replcate to them, in fact they alreay have a copy of the zone, in AD. It
just has not been loaded in DNS because DNS is not installed.

If you decide to do this, simply install DNS, do nothing else and the zone
will appear in DNS usually within 15 to 30 minutes. Here is a hint, keep the
remote DC pointing to the main site DCs as preferred DNS then just add
itself as an Alternate DNS. Then point the clients to the closest
geographical DNS. This will reduce traffic over the WAN link.

 

[Guest]

thank you kevin for the reply. How can I find out if the current dns servers
are using ad zones? I also noticed that one server at one of the sites does
havve dns installed, but the zone is not there. Just so I am clear, I can
just install dns and do no configuring and the zones are supposed to
replicate down? I do not need forwarders and I can use the all ips option? I
do need to go into network settings and make sure the dc's ip address(the ip
address of the server I want to add dns to) is listed under dns?

thanks,
Rodge

 

[Kevin D. Goodknecht Sr. [MVP]]

In

thank you kevin for the reply. How can I find out if the
current dns servers are using ad zones? I also noticed
that one server at one of the sites does havve dns
installed, but the zone is not there. Just so I am clear,
I can just install dns and do no configuring and the
zones are supposed to replicate down? I do not need
forwarders and I can use the all ips option? I do need to
go into network settings and make sure the dc's ip
address(the ip address of the server I want to add dns
to) is listed under dns?

On the main site DNS servers check the properties of the zone in DNS, it
will be Active Directory integrated, standard primary, or standard
secondary. If it is standard primary or secondary you can convert the
primary zone to AD integrated AND delete the secondary zone, it is important
to delete the secondary zone and not convert it to AD integrated.
Once the zones are AD integrated it will replicate to DNS on all DCs in the
domain, in Win2k the zone will not replicate across domain boundaries, so it
will not replicate to DCs for child domains.

 

[Guest]

thanks again Kevin. In looking at my dns snapin on the server that I know to
be as the primary dns server in our organization, we have one forward lookup
zone. On the primary server I did change this from standard primary to active
directory integrated. I also see in the snapin that we have three other dns
servers listed, but they all list the same zone as secondary. You mentioned
deleting secondary zones, should I delete the zones on the other three
servers listed in the snapin that I opened on my main dns server? Just want
to be sure.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

thanks again Kevin. In looking at my dns snapin on the
server that I know to be as the primary dns server in our
organization, we have one forward lookup zone. On the
primary server I did change this from standard primary to
active directory integrated. I also see in the snapin
that we have three other dns servers listed, but they all
list the same zone as secondary. You mentioned deleting
secondary zones, should I delete the zones on the other
three servers listed in the snapin that I opened on my
main dns server? Just want to be sure.

Yes, any secondary zones WILL need to be deleted, they will cause a conflict
with the AD zone, do NOT convert the secondary zones to AD.
The AD zone will replicate.